@studion/infra-code-blocks 0.8.0-next.0 → 0.8.0-next.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -144,7 +144,7 @@ export declare class EcsService extends pulumi.ComponentResource {
|
|
|
144
144
|
private createContainerDefinition;
|
|
145
145
|
private createTaskExecutionRole;
|
|
146
146
|
private createTaskRole;
|
|
147
|
-
addSecurityGroup(securityGroup:
|
|
147
|
+
addSecurityGroup(securityGroup: aws.ec2.SecurityGroup): void;
|
|
148
148
|
private createDefaultSecurityGroup;
|
|
149
149
|
private createEcsService;
|
|
150
150
|
private createServiceDiscovery;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/v2/components/ecs-service/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AACzC,OAAO,KAAK,GAAG,MAAM,aAAa,CAAC;AACnC,OAAO,KAAK,IAAI,MAAM,cAAc,CAAC;AACrC,OAAO,EAAc,IAAI,EAAE,MAAM,qBAAqB,CAAC;AAOvD,KAAK,iBAAiB,GAAG;IACvB,UAAU,EAAE,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC;IAC/B,WAAW,EAAE,GAAG,CAAC,GAAG,CAAC,WAAW,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/v2/components/ecs-service/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AACzC,OAAO,KAAK,GAAG,MAAM,aAAa,CAAC;AACnC,OAAO,KAAK,IAAI,MAAM,cAAc,CAAC;AACrC,OAAO,EAAc,IAAI,EAAE,MAAM,qBAAqB,CAAC;AAOvD,KAAK,iBAAiB,GAAG;IACvB,UAAU,EAAE,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC;IAC/B,WAAW,EAAE,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC;CAClC,CAAC;AAEF,yBAAiB,UAAU,CAAC;IAC1B;;;;;OAKG;IACH,KAAY,uBAAuB,GAAG;QAAE,IAAI,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAA;KAAE,CAAC;IAErE;;;;;;;OAOG;IACH,KAAY,2BAA2B,GAAG;QACxC,YAAY,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACnC,aAAa,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACpC,QAAQ,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;KAClC,CAAC;IAEF;;;OAGG;IACH,KAAY,SAAS,GAAG;QACtB,IAAI,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAC3B,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAC5B,YAAY,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;QACjE,OAAO,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAC/C,WAAW,CAAC,EAAE,2BAA2B,EAAE,CAAC;QAC5C,WAAW,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC,CAAC;QACnD,OAAO,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;QACzC,SAAS,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,mBAAmB,EAAE,CAAC,CAAC;QACxD;;;;;;;WAOG;QACH,SAAS,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAClC,WAAW,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;KACjD,CAAC;IAEF,KAAY,IAAI,GAAG;QAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAA;KAAE,CAAC;IAE3D,KAAY,kBAAkB,GAAG;QAC/B,aAAa,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACpC,aAAa,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACpC,cAAc,EAAE,GAAG,CAAC,EAAE,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;KAC3C,CAAC;IAEF,KAAY,gBAAgB,GAAG,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,gBAAgB,CAAC;IAEpE,KAAY,IAAI,GAAG;QACjB,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACvC,GAAG,EAAE,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChC,UAAU,EAAE,UAAU,CAAC,SAAS,EAAE,CAAC;QACnC,aAAa,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,kBAAkB,EAAE,CAAC,CAAC;QACnD,OAAO,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,uBAAuB,CAAC,EAAE,CAAC,CAAC;QAC3E;;;WAGG;QACH,YAAY,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACpC;;;;;;;;;WASG;QACH,IAAI,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC1B;;;WAGG;QACH,aAAa,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;QACpD,cAAc,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACvC,+BAA+B,CAAC,EAAE,MAAM,CAAC,KAAK,CAC5C,MAAM,CAAC,KAAK,CAAC,gBAAgB,CAAC,EAAE,CACjC,CAAC;QACF,sBAAsB,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC;QACxE;;;;;WAKG;QACH,0BAA0B,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACnD,WAAW,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC;YACzB;;;;eAIG;YACH,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YAC/B;;;;eAIG;YACH,QAAQ,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;YAChC;;;;eAIG;YACH,QAAQ,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;SACjC,CAAC,CAAC;QACH;;WAEG;QACH,IAAI,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;KACtC,CAAC;CACH;AAiCD,qBAAa,UAAW,SAAQ,MAAM,CAAC,iBAAiB;IACtD,IAAI,EAAE,MAAM,CAAC;IACb,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACjC,QAAQ,EAAE,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC;IAClC,cAAc,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IACtD,iBAAiB,EAAE,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC;IAChC,QAAQ,EAAE,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC;IACvB,OAAO,EAAE,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC;IACzB,cAAc,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC;IACvD,uBAAuB,CAAC,EAAE,GAAG,CAAC,gBAAgB,CAAC,OAAO,CAAC;IACvD,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;gBAGpC,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,UAAU,CAAC,IAAI,EACrB,IAAI,GAAE,MAAM,CAAC,wBAA6B;WAqD9B,oBAAoB,CAChC,IAAI,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,GACzB,GAAG,CAAC,GAAG,CAAC,WAAW;IAQtB,OAAO,CAAC,cAAc;IAatB,OAAO,CAAC,oBAAoB;IAsC5B,OAAO,CAAC,2BAA2B;IAoBnC,OAAO,CAAC,yBAAyB;IA8BjC,OAAO,CAAC,uBAAuB;IAuC/B,OAAO,CAAC,cAAc;IAsCf,gBAAgB,CAAC,aAAa,EAAE,GAAG,CAAC,GAAG,CAAC,aAAa,GAAG,IAAI;IAInE,OAAO,CAAC,0BAA0B;IA4BlC,OAAO,CAAC,gBAAgB;IAqCxB,OAAO,CAAC,sBAAsB;IAuB9B,OAAO,CAAC,yBAAyB;IAYjC,OAAO,CAAC,iBAAiB;IAsDzB,OAAO,CAAC,uBAAuB;CA0EhC"}
|
|
@@ -17,7 +17,7 @@ const STANDARD_DIRECTORY_PERMISSIONS = '0755';
|
|
|
17
17
|
const FIRST_POSIX_NON_ROOT_USER = {
|
|
18
18
|
userId: 1000,
|
|
19
19
|
groupId: 1000,
|
|
20
|
-
permissions: STANDARD_DIRECTORY_PERMISSIONS
|
|
20
|
+
permissions: STANDARD_DIRECTORY_PERMISSIONS,
|
|
21
21
|
};
|
|
22
22
|
const defaults = {
|
|
23
23
|
desiredCount: 1,
|
|
@@ -39,7 +39,8 @@ class EcsService extends pulumi.ComponentResource {
|
|
|
39
39
|
constructor(name, args, opts = {}) {
|
|
40
40
|
super('studion:ecs:Service', name, {}, opts);
|
|
41
41
|
const argsWithDefaults = Object.assign({}, defaults, args);
|
|
42
|
-
const taskExecutionRoleInlinePolicies = pulumi.output(args.taskExecutionRoleInlinePolicies ||
|
|
42
|
+
const taskExecutionRoleInlinePolicies = pulumi.output(args.taskExecutionRoleInlinePolicies ||
|
|
43
|
+
defaults.taskExecutionRoleInlinePolicies);
|
|
43
44
|
const taskRoleInlinePolicies = pulumi.output(args.taskRoleInlinePolicies || defaults.taskRoleInlinePolicies);
|
|
44
45
|
this.name = name;
|
|
45
46
|
this.securityGroups = [];
|
|
@@ -47,9 +48,11 @@ class EcsService extends pulumi.ComponentResource {
|
|
|
47
48
|
this.logGroup = this.createLogGroup();
|
|
48
49
|
this.taskExecutionRole = this.createTaskExecutionRole(taskExecutionRoleInlinePolicies);
|
|
49
50
|
this.taskRole = this.createTaskRole(taskRoleInlinePolicies);
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
51
|
+
pulumi.output(argsWithDefaults.volumes).apply(volume => {
|
|
52
|
+
if (volume.length) {
|
|
53
|
+
this.persistentStorage = this.createPersistentStorage(this.vpc);
|
|
54
|
+
}
|
|
55
|
+
});
|
|
53
56
|
this.taskDefinition = this.createTaskDefinition(argsWithDefaults.containers, pulumi.output(argsWithDefaults.volumes), this.taskExecutionRole, this.taskRole, argsWithDefaults.size, Object.assign(Object.assign({}, constants_1.commonTags), argsWithDefaults.tags));
|
|
54
57
|
if (argsWithDefaults.enableServiceAutoDiscovery) {
|
|
55
58
|
this.serviceDiscoveryService = this.createServiceDiscovery();
|
|
@@ -64,7 +67,7 @@ class EcsService extends pulumi.ComponentResource {
|
|
|
64
67
|
return {
|
|
65
68
|
containerPort: port,
|
|
66
69
|
hostPort: port,
|
|
67
|
-
protocol: 'tcp'
|
|
70
|
+
protocol: 'tcp',
|
|
68
71
|
};
|
|
69
72
|
}
|
|
70
73
|
createLogGroup() {
|
|
@@ -102,22 +105,24 @@ class EcsService extends pulumi.ComponentResource {
|
|
|
102
105
|
accessPointId: this.persistentStorage.accessPoint.id,
|
|
103
106
|
iam: 'ENABLED',
|
|
104
107
|
},
|
|
105
|
-
}
|
|
108
|
+
},
|
|
106
109
|
}));
|
|
107
110
|
});
|
|
108
111
|
}
|
|
109
112
|
createContainerDefinition(container) {
|
|
110
|
-
return this.logGroup.name.apply(logGroupName => (Object.assign(Object.assign(Object.assign(Object.assign({}, container), { readonlyRootFilesystem: false }), container.mountPoints && {
|
|
111
|
-
mountPoints: container.mountPoints.map(mountPoint => pulumi
|
|
113
|
+
return this.logGroup.name.apply(logGroupName => (Object.assign(Object.assign(Object.assign(Object.assign({}, container), { readonlyRootFilesystem: false }), (container.mountPoints && {
|
|
114
|
+
mountPoints: container.mountPoints.map(mountPoint => pulumi
|
|
115
|
+
.all([
|
|
112
116
|
mountPoint.sourceVolume,
|
|
113
117
|
mountPoint.containerPath,
|
|
114
|
-
mountPoint.readOnly
|
|
115
|
-
])
|
|
118
|
+
mountPoint.readOnly,
|
|
119
|
+
])
|
|
120
|
+
.apply(([sourceVolume, containerPath, readOnly]) => ({
|
|
116
121
|
containerPath,
|
|
117
122
|
sourceVolume,
|
|
118
123
|
readOnly: readOnly !== null && readOnly !== void 0 ? readOnly : false,
|
|
119
|
-
})))
|
|
120
|
-
}), { logConfiguration: {
|
|
124
|
+
}))),
|
|
125
|
+
})), { logConfiguration: {
|
|
121
126
|
logDriver: 'awslogs',
|
|
122
127
|
options: {
|
|
123
128
|
'awslogs-group': logGroupName,
|
|
@@ -187,35 +192,29 @@ class EcsService extends pulumi.ComponentResource {
|
|
|
187
192
|
}, { parent: this });
|
|
188
193
|
}
|
|
189
194
|
addSecurityGroup(securityGroup) {
|
|
190
|
-
this.securityGroups.push(securityGroup);
|
|
195
|
+
this.securityGroups.push(pulumi.output(securityGroup));
|
|
191
196
|
}
|
|
192
197
|
createDefaultSecurityGroup() {
|
|
193
|
-
const securityGroup =
|
|
194
|
-
this.vpc,
|
|
195
|
-
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
|
|
201
|
-
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
|
|
205
|
-
|
|
206
|
-
|
|
207
|
-
|
|
208
|
-
|
|
209
|
-
|
|
210
|
-
|
|
211
|
-
|
|
212
|
-
|
|
213
|
-
cidrBlocks: ['0.0.0.0/0'],
|
|
214
|
-
},
|
|
215
|
-
],
|
|
216
|
-
tags: constants_1.commonTags,
|
|
217
|
-
}, { parent: this, dependsOn: [vpc] });
|
|
218
|
-
});
|
|
198
|
+
const securityGroup = new aws.ec2.SecurityGroup(`${this.name}-service-security-group`, {
|
|
199
|
+
vpcId: this.vpc.vpcId,
|
|
200
|
+
ingress: [
|
|
201
|
+
{
|
|
202
|
+
fromPort: 0,
|
|
203
|
+
toPort: 0,
|
|
204
|
+
protocol: '-1',
|
|
205
|
+
cidrBlocks: [this.vpc.vpc.cidrBlock],
|
|
206
|
+
},
|
|
207
|
+
],
|
|
208
|
+
egress: [
|
|
209
|
+
{
|
|
210
|
+
fromPort: 0,
|
|
211
|
+
toPort: 0,
|
|
212
|
+
protocol: '-1',
|
|
213
|
+
cidrBlocks: ['0.0.0.0/0'],
|
|
214
|
+
},
|
|
215
|
+
],
|
|
216
|
+
tags: constants_1.commonTags,
|
|
217
|
+
}, { parent: this });
|
|
219
218
|
this.addSecurityGroup(securityGroup);
|
|
220
219
|
}
|
|
221
220
|
createEcsService(ecsServiceArgs) {
|
|
@@ -223,16 +222,20 @@ class EcsService extends pulumi.ComponentResource {
|
|
|
223
222
|
this.createDefaultSecurityGroup();
|
|
224
223
|
const networkConfiguration = {
|
|
225
224
|
assignPublicIp: ecsServiceArgs.assignPublicIp,
|
|
226
|
-
subnets: ecsServiceArgs.assignPublicIp
|
|
225
|
+
subnets: ecsServiceArgs.assignPublicIp
|
|
226
|
+
? this.vpc.publicSubnetIds
|
|
227
|
+
: this.vpc.privateSubnetIds,
|
|
227
228
|
securityGroups: pulumi
|
|
228
229
|
.all(this.securityGroups)
|
|
229
230
|
.apply(groups => groups.map(it => it.id)),
|
|
230
231
|
};
|
|
231
|
-
return new aws.ecs.Service(`${this.name}-service`, Object.assign(Object.assign(Object.assign({ name: this.name, cluster: pulumi.output(ecsServiceArgs.cluster).id, launchType: 'FARGATE', desiredCount: ecsServiceArgs.desiredCount, taskDefinition: this.taskDefinition.arn, enableExecuteCommand: true, networkConfiguration }, ecsServiceArgs.loadBalancers && {
|
|
232
|
+
return new aws.ecs.Service(`${this.name}-service`, Object.assign(Object.assign(Object.assign({ name: this.name, cluster: pulumi.output(ecsServiceArgs.cluster).id, launchType: 'FARGATE', desiredCount: ecsServiceArgs.desiredCount, taskDefinition: this.taskDefinition.arn, enableExecuteCommand: true, networkConfiguration }, (ecsServiceArgs.loadBalancers && {
|
|
233
|
+
loadBalancers: ecsServiceArgs.loadBalancers,
|
|
234
|
+
})), (this.serviceDiscoveryService && {
|
|
232
235
|
serviceRegistries: {
|
|
233
236
|
registryArn: this.serviceDiscoveryService.arn,
|
|
234
237
|
},
|
|
235
|
-
}), { tags: Object.assign(Object.assign({}, constants_1.commonTags), ecsServiceArgs.tags) }), { parent: this
|
|
238
|
+
})), { tags: Object.assign(Object.assign({}, constants_1.commonTags), ecsServiceArgs.tags) }), { parent: this });
|
|
236
239
|
}
|
|
237
240
|
createServiceDiscovery() {
|
|
238
241
|
const privateDnsNamespace = this.createPrivateDnsNameSpace();
|
|
@@ -319,7 +322,7 @@ class EcsService extends pulumi.ComponentResource {
|
|
|
319
322
|
],
|
|
320
323
|
tags: constants_1.commonTags,
|
|
321
324
|
}, { parent: this });
|
|
322
|
-
this.vpc.privateSubnetIds.apply(
|
|
325
|
+
this.vpc.privateSubnetIds.apply(subnetIds => {
|
|
323
326
|
subnetIds.forEach(subnetId => {
|
|
324
327
|
const mountTarget = new aws.efs.MountTarget(`${this.name}-mount-target-${subnetId}`, {
|
|
325
328
|
fileSystemId: efs.id,
|